I have spent 2+ weeks trying to get a Shibboleth 5 IdP stood up for our dev environment.
The players:
- Shibboleth 5 IdP configured to run inside Jetty 11 servlet (no Apache)
- OpenLDAP (on the same server)
- mod_auth_mellon SP on various dev servers
I have gotten the IdP itself working. I received a 401 Unauthorized error trying to navigate to a SAML-managed location on a dev server. This proves the SAML handshake between SP and IdP is working.
My question is: What Shibboleth 5 configuration do I need to make to have the IdP display an LDAP login page when the SP redirects back to the IdP for authentication?
Further background:
I began by following the Shibboleth 5 wiki for installation. It is not nearly complete.
I have spent, as I said earlier, 2+ weeks scouring the web for Shibboleth and LDAP tutorials.
None exist for Shibboleth 5.
I found a couple of sites working with Shibboleth 3 and slowly cobbled together and modified the old instructions to work with the new v5.
The Shibboleth 5 physical installation does not have a login.jsp page anywhere, nor have I found any mention anywhere of how to get Shib 5 to do a redirect to anything, let alone a local LDAP implementation.
Please help.
I'm not sure which config files will be relevant, so I'll include them as they are asked for.